Bitdefender Cannot Detect The New WHQL Rootkits
I recently discovered the new WHQL Rootkits. Bitdefender and many other anti-virus software providers still cannot detect them. Due to the large number of files and their total size, I can't submit them to Bitdefender according to the normal process. I've tried to contact case that haven't been closed before, but they seem to be out of working hours.
Hash:
f3b017cf469aa4e76b1e9b67c6462a0b5d9ebbfc550c1bf3f65e9ccdf88f2447
d6f7fd346cafc4e7e2227a5ef8dd9ddbbdd83dbc5d139734b03e2c404509cd06
6bf7fb60c2c93dc17ba5dbf24f63d1ede4615fc53e3f6643bd676f2e9c9d4c2b
2088764efe780fcde3a7623b330e8319280c26e481bed8fc3e8726bfddc1ea53
a82794500932cd286b88fec79a8b0e6d9121b135e531da8552333ebb87da834f
547eb802e7bbf40ce6b5e219baad84152677653e92eaefeee7ce4226cf312058
342d7d819f869870a677a3670bbe520fb89389b63c5dd6c68b80fb63117463d3
a1be29cd2a06867c14dca5a621eb73a5428d6a31bbd4182d350e46775ad80cdf
ee75bbe10675a7b8e90072cfac182d65963d927778f0d4c477f6ccc5c9570ac3
b1fde38dcf163f7724ec240d7441b5b75386e9199ecd80dd878bfd9bff6b823b
b7a9bed4c0f1aed75ffc5d2ba14463a8e9b6144c9f07ab4d7c60b127ee145211
8501d07f3834192ed16badc423120445cd15581779020646e1671b5ac81e2fbf
b28abf0b11ed44661b77594430919e8e269169568931d1e530342ac149fb33e6
0522751131368fa007f8ed52209a5b9b4583b82c3fa9af20ad82d575f2c6e711
f9d9d22b9c19f45b8ba74b556a959990586fd2c10f962af34e49d12b94d5d35b
a2d1bfc6686f97d82ff7a7c2e027dd7fdb75a86531c28ed827652722c43e4ee8
d38a206431cdf0ccf3520240a91831e8222f9cf8ecb7104361079eca96c155a4
e398b3818cb784c6efb6b2e80a265429b417ac693f35a3ba155baabab7445511
6c6dbcd53a7e6a4e0dd1458cb417ef472afbb178d457481eda8f85561b9debd4
51f9f9338eb97e9a06d8e78fc7ba61c0e62484bd179b321c4f31c3e69d8ddf84
a0cf4ca6570a7442cce8ea98b62df060ecafc7d8498667d07674b29aaf9b225a
be85725cacdcd1377bd79459c003b3a1b9e2e35ba30544560c19f6634259791a
e20a485993086dec457dff824e8ca7053f6b3cbc75117d63e87c79d537c05c5b
0aa222fe91919a0c9f477d4c68af4de9cffdaf1cc63d96ee7e137a3aaef69530
55b20056f002a1746d73e8b874f1d20c4d179bf5455b9268dc286f2da6b83db2
80951e2f257d8c6b1f94e1c298144a1b4d928399b028fec3eddad2354fbe9773
e1e2b29c575fce4fc8f8a43cc3b13ee31b70acf3336db07b99cfa5bfbf6643cf
b051703a9c6851960849d4fea3311892d4fc3681d6fd2e23d7861f006f2fbfa2
9914a6f768631be401f2af9dd4d36056ecca55d62751aece05ccc2dc0993862e
081e37847d8916cf28b2f8ec172208898bb3b8f44dd5ad97470ca915dadf2f72
9d05061c3b7a62ae365639e0532b4ac6226e3bdd6e9caf0a1166ef80829356bb
Comments
-
The hashes have been shared with the malware researchers. The post will be updated once an update is recieved.
Regards
OMEN Laptop 15-en1037AX (Bitdefender Total Security) & Samsung Galaxy S22 Ultra (Bitdefender Mobile Security)
1 -
Thank you @Flexx ! 🤜🤛
0 -
The sent hashes are malicious and detection will be added soon.
Regards
OMEN Laptop 15-en1037AX (Bitdefender Total Security) & Samsung Galaxy S22 Ultra (Bitdefender Mobile Security)
3 -
Well down. This is really good news. Thank you.
Regards
1 -
Sorry, was on a long holiday.
Shared the hashes with the malware reasearch team. In future, you can also share the hashes with @Alexandru_BD or @Mike_BD and they will share it with malware researchers directly and can provide faster resolution on this since they both work for bitdefender.
Regards
OMEN Laptop 15-en1037AX (Bitdefender Total Security) & Samsung Galaxy S22 Ultra (Bitdefender Mobile Security)
1 -
Hi @Flexx
"9beca954da15bd7abfa3389e63af322361a12b7616a734d31d9aecef71f84fad",
"4b267203d6cbe5ca72f9f47446153ab62a2f99a0ae0788173cfefe61ba936f6d",
"f2401dd344ef5c65ad674c45e4a5dbc911b0cc6d0c757bd413ffbe715422e080",
"a46c0cce3b4085d148ce29787509166069a329b044077e7a39c5b0834a2de24d",
"2e25a5399bf56768684297709e6cce6d12f3a456afccd9954e490a1d6c524603",
"c823ed1e83337cddb9e43409ed92681590b6d2a251058b221734864233878c92",
"7bf425b214d0306bd5f9a5855f9bdd5895c523be74f672c346f5d2c859a42fe2",
"c444e1c6238b13e4e3d6f85269ba721b00460e4252f0b3f7001e859d780248c3",
"f80246ad1cd3f34b190b5261c3ac3db0496d3e40a38b34203ce02c5ffdd4b46a",
"07d09c2b6dcd61eb5885bf2a43dbf34e4e18a173c286e5f75adb6cdd7af0a8c6",
"621fc2c2ca7d6eecb4569d35a5a3d435281862cec803b7f4f8c06199bc6326c8",
"7987432e06ede9ac618fba0091f5d632e44c48661f298f4010f00a4ca8fb1f14",
"7a0668988a45cd03dfcf9989e8449bcb02bfb946f95cb3e0faea7c048bfe4995",
"e470778d290283465993dbccd3c3dc5b1a9a3f84fdc50a8d3537d069ba24f477",
"c7c03242d68ae59a0d6ae06863d019cb7a1c26bd11334431311df0d5db45753a",
"0a6116a00f97f37499da064234901c8a4e99a271318724416ff0634846463351",
"62838d2ed5ea996375e0e6a29b00a6213cc25e89935ef5582cd9c0ebea527558",
"96a5843d1283647ec94cf77e2197ffd07f909b7cdf3f30e18314a97d9f903e91",
"874198939fe87d0986fefd97619021e2bfae3e203e0839d5a3b4fec85117567b",
"14021b3a6eaca0718a03c39b602e12aea2e78d70e0a33dcb3fcc8c66d4f2e167",
"c27c5b331e8d6410631a03118b49672edc40fd84abd2e4dbdc18db03b9ee9eed",
"d786c5b9d8c9509d5b52c052534fc747ef604da6ddf34a8207e5fdcd1fd09ff7",
"91262198d13ea2fe6264c898bd6fcf8f7e3cdebdb144d73adbad6bf13c5d6152",
"6f7571785987bae5218088860a08c68f8e1fcb82aea48dfe2db4a2a45bf1c0a2",
"c02b7979be0d931878e35b58223d3bb05fd7913495051c6a9a56b77e96c15cd1",
"976e74a800fb3905911d6e3701d89bb4b722b067a7f199b0020b8cfafeaa5118",
"12003a563b4e85a91e71d9c2084e13850a17bd4cac822ef7a592ef1c5302807d",
"8054bb07b1839bbbb6086cfe95d35f9cc29bc178486e7553d706673ca32fd6a7",
"7a16217ab07fc6449182071d25612f2be61fb8453382632ade5c566c67853c36",
"996434920b27f2534fd1197810f391e5d8899dfde94500517b7632f17a8d3d8b",
"592d4056b36cf298da2403a6afb9a52162f1f377085ca75d11a09bc2f5ae5434",
"ba96f697c7da94fdc27a9c57292ed82f08f8d6e0e119794a40904cc7d10d0a71",
"827ff254a8f16247e1e67e756691b4ccbacc6dabc532468e54d3f83ec1f38c26",
"e000c25ca6138e9bf54528a5f1134e86f4715f4231493d0a42cd64aa6669eb02",
"b692eaca8a9a1c313f6c23f53f122d2a3b0b5fe1e32563adcbc9a748e85f1f68".
New samples of the WHQL RootKits Bitdefender cannot detect.
Regards
1 -
Hashes have been shared with the malware researchers.
Regards
OMEN Laptop 15-en1037AX (Bitdefender Total Security) & Samsung Galaxy S22 Ultra (Bitdefender Mobile Security)
1 -
As checked, detections have been created.
Regards
OMEN Laptop 15-en1037AX (Bitdefender Total Security) & Samsung Galaxy S22 Ultra (Bitdefender Mobile Security)
1
